• Mac OS X,  Mac OS X Server,  Mac Security

    A Service-By-Service Guide For Moving Away From macOS Server

    I’ve been making guides to macOS Server since Server 2: Mountain Lion Server (Server 2) Yosemite Server (Server 3) Mavericks Server (Server 4) OS X Server 5 (for El Capitan) macOS Server 5.2 (for macOS Sierra) macOS Server 5.4 (for High Sierra) And along the way, I’ve also sold plenty of books on Mac Servers and gotten a lot of opportunities I might not have gotten otherwise. So thank you to everyone for joining me on that journey. After teaching so many how to use the services that Apple made available in their server operating system, when they announced they’d no longer be making many of the services my readers…

  • Mac OS X

    Move From Hosting Files From A macOS Server To A macOS Client

    Migrating file services from a macOS Server to a macOS Client can be a bit traumatic at first. Mostly because the thought itself can be a bit daunting. But once you get started, it’s pretty simple. Mostly because there’s less to do. And that can be a challenge. While there are ways to hack together solutions for network homes and other more advanced features, if you’re doing that, then you’re missing a key point here.  Let’s start by documenting our existing share points. We’ll do this with the serveradmin command and using the settings verb for the sharing service as follows: sudo serveradmin settings sharing Each share is an item…

  • Mac OS X Server,  Mac Security,  Synology

    Migrate From macOS To A Synology Based VPN

    Synology is able to do everything a macOS Server could do, and more. So if you need to move your VPN service, it’s worth looking at a number of different solutions. The most important question to ask is whether you actually need a VPN any more. If you have git, mail/groupware, or file services that require remote access then you might want to consider moving these into a hosted environment somewhere. But if you need access to the LAN and you’re a small business without other servers, a Synology can be a great place to host your VPN services.  Before you setup anything new, first snapshot your old settings. Let’s…

  • Mac OS X Server,  Synology

    Install Directory Services on a Synology

    People who have managed Open Directory and will be moving to Synology will note that directory services really aren’t nearly as complicated was we’ve made them out to be for years. This is because Apple was protecting us from doing silly things to break our implementations. It was also because Apple bundled a number of seemingly disparate technologies into ldap. It’s worth mentioning that LDAP on a Synology is LDAP. We’re not federating services, we’re not kerberizing services, we’re not augmenting schemas, etc. We can leverage the directory service to provide attributes though, and have that central phone book of user and group memberships we’ve come to depend on directory…

  • Mac OS X Server

    Apple Releases Service Migration Guide for macOS Server

    Apple won’t be keeping all of the services in macOS Server after the next few months. In the meantime, we have a big old guide to read. I have some overlapping articles I’ve been working on, but I’d say we’re in a similar headspace. The Apple macOS Server Services Migration Guide is available at https://developer.apple.com/support/macos-server/macOS-Server-Service-Migration-Guide.pdf and covers bind, vpnd, freeradius, manual netinstall with bootp and tftp, apache, wordpress, CalendarServer, and ftp. It’s pretty technical, but nothing too crazy in there!Overall, an easy read and I’m glad to see some content coming out to help admins!

  • Mac OS X Server

    Export DNS Records from macOS Server

    DNS is an integral service to most modern networks. The Domain Name System, or DNS is comprised of hierarchical and decentralized Domain Name Servers, or DNS Servers. This is how we connect to computers and the websites that reside on computers by their names, rather than having to memorize the IP addresses of every single computer out there. So you get to type https://krypted.com/ and come to my website instead of typing the IP address. Or more likely, Facebook.com, but just because my website is older, I’m not mad about that. No really… So you have a macOS Server and you need to take your DNS records out of it…

  • Mac OS X,  Mac OS X Server

    Move DHCP Services from macOS Server to Synology

    The first step to moving services from macOS Server for pretty much all services is to check out the old settings. The second step is to probably ask if where you’re going to put the service is a good idea. For example, these days I prefer to run DHCP services on a network appliance such as a Synology. And so let’s look at how to do that. Here, we’ll use the serveradmin command to view the settings of the DHCP service: /Applications/Server.app/Contents/ServerRoot/usr/sbin/serveradmin settings dhcp The output is an array of subnets with different settings per subnet. dhcp:static_maps = _empty_arraydhcp:subnets:_array_id:22217FF5-4DDB-4841-A731-EF5DA080E672:WINS_primary_server = ""dhcp:subnets:_array_id:22217FF5-4DDB-4841-A731-EF5DA080E672:dhcp_router = "10.15.40.1"dhcp:subnets:_array_id:22217FF5-4DDB-4841-A731-EF5DA080E672:WINS_secondary_server = ""dhcp:subnets:_array_id:22217FF5-4DDB-4841-A731-EF5DA080E672:net_range_start = "10.15.40.2"dhcp:subnets:_array_id:22217FF5-4DDB-4841-A731-EF5DA080E672:net_range_end = "10.15.43.253"dhcp:subnets:_array_id:22217FF5-4DDB-4841-A731-EF5DA080E672:dhcp_domain_name =…

  • Mac OS X,  Mac OS X Server,  Mac Security

    Replace the VPN Server from macOS Server

    Export macOS Server DataWe’re not going to import this, as it only takes a few seconds to configure new settings. Additionally, if you have outstanding services built on macOS Server, you might be able to pull this off without touching client systems. First, let’s grab  which protocols are enabled, running the following from Terminal: sudo serveradmin settings vpn:Servers:com.apple.ppp.pptp:enabled sudo serveradmin settings vpn:Servers:com.apple.ppp.l2tp:enabled Next, we’ll get the the IP ranges used so we can mimic those (or change them) in the new service: sudo serveradmin settings vpn:Servers:com.apple.ppp.pptp:IPv4:DestAddressRanges Now let’s grab the DNS servers handed out so those can be recreated: sudo serveradmin settings vpn:Servers:com.apple.ppp.pptp:DNS:OfferedServerAddresses:_array_indexsudo serveradmin settings vpn:Servers:com.apple.ppp.l2tp:DNS:OfferedServerAddresses:_array_index Finally, if you’re using…